CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


CPUG Challenge 2018?? We will be holding another CPUG Challenge for 2018.
The plan is to time it around CPX again (earlier this year), but not necessarily limit it to those in attendance.
I'll provide more details as we get a bit closer, but be ready! -E

 

Results 1 to 3 of 3

Thread: Export IPS Logging settings

  1. #1
    Join Date
    2012-08-16
    Posts
    161
    Rep Power
    6

    Default Export IPS Logging settings

    Hi all, just wondering if anyone knows of a way to do a bulk export of the Logging Settings - Log, Alert, User Defined etc. all at once with an IPS export. We have user defined actions in our Logs and Alerts but would like to replace one with the automatic SAM block from sk110873 and just want to make sure we do not run into unintended blocks.

    Is there a way to accomplish this?

    Thanks.

  2. #2
    Join Date
    2009-04-30
    Location
    Colorado, USA
    Posts
    2,092
    Rep Power
    12

    Default Re: Export IPS Logging settings

    Quote Originally Posted by aweldon View Post
    Hi all, just wondering if anyone knows of a way to do a bulk export of the Logging Settings - Log, Alert, User Defined etc. all at once with an IPS export. We have user defined actions in our Logs and Alerts but would like to replace one with the automatic SAM block from sk110873 and just want to make sure we do not run into unintended blocks.

    Is there a way to accomplish this?

    Thanks.
    It looks like the IPS->Protections->View->Export View function in the R77.30 SmartDashboard and R80 SmartConsole does not include the Log field for IPS Protections exported to CSV. However check out the ips_export_import tool (sk65627) which will dump a tar file export of an IPS Profile. After unzipping the tar file check out the ips_protections_per_profile.C file which may have what you need. The ips_export_import tool definitely works on a R77.30 SMS, but when I tried it on a R80.10 management server it dumped core so I take it this tool is not supported in R80.10, possibly not in R80 either. :-)
    Last edited by ShadowPeak.com; 2017-03-28 at 16:33.
    --
    My Book "Max Power: Check Point Firewall Performance Optimization"
    Second Edition Coming Soon

  3. #3
    Join Date
    2012-08-16
    Posts
    161
    Rep Power
    6

    Default Re: Export IPS Logging settings

    Thanks for the suggestion. Just exported the file and extracted it. I went looking for two protections that I know are setup to send an email (user defined) but, once locating them in the file there is no :track attribute defined for them.

Similar Threads

  1. ESP and AH Settings in Checkpoint
    By Keshavraikot in forum IPsec VPN Blade (Virtual Private Networks)
    Replies: 6
    Last Post: 2014-10-02, 21:54
  2. MTU settings
    By achauhan1976 in forum Miscellaneous
    Replies: 3
    Last Post: 2010-08-19, 10:57
  3. Logging and Status Blade in R70.20 now does Identity Logging
    By PhoneBoy in forum Security Management Server (Formerly SmartCenter Server ((Formerly Management Server))
    Replies: 7
    Last Post: 2010-04-05, 16:06
  4. VPN-1 Edge Export Settings = [700002] object not found
    By roveer in forum Check Point UTM-1 Edge Appliances
    Replies: 9
    Last Post: 2008-06-11, 10:34
  5. U.S. govt new DST settings.
    By dew1902 in forum Check Point IP Appliances and IPSO (Formerly Sold By Nokia)
    Replies: 1
    Last Post: 2007-02-12, 13:59

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •